ARC: cutthrough delivery may not be used with ARC signing
authorJeremy Harris <jgh146exb@wizmail.org>
Mon, 26 Mar 2018 14:59:25 +0000 (15:59 +0100)
committerJeremy Harris <jgh146exb@wizmail.org>
Tue, 3 Apr 2018 23:21:23 +0000 (00:21 +0100)
doc/doc-txt/ChangeLog
doc/doc-txt/experimental-spec.txt
src/src/verify.c

index 9a05c34713783d04e13fa693e0ca6d3e82a929da..61fd30bf811bf7abedea15966532dda09511b301 100644 (file)
@@ -163,6 +163,7 @@ PP/02 DANE: add dane_require_tls_ciphers SMTP Transport option; if unset,
 JH/34 Re-introduce enforcement of no cutthrough delivery on transports having
       transport-filters or DKIM-signing.  The restriction was lost in the
       consolidation of verify-callout and delivery SMTP handling.
+      Extend the restriction to also cover ARC-signing.
 
 
 Exim version 4.90
index 0828e9b67aeac6c589231cfee7d3848590e27597..4e8e59148e9a9c4297a187a1191d11bdb721a4d7 100644 (file)
@@ -819,6 +819,10 @@ Caveats:
    should try to stick to one ADMD, so pick a primary domain and use that for
    AR headers and outbound signing.
 
+Signing is not compatible with cutthrough delivery; any (before expansion)
+value set for the option will result in cutthrough delivery not being
+used via the transport in question.
+
 
 
 --------------------------------------------------------------
index 1df856604a066c012ae829ba2e669f56aa2c873d..1555838acecda3c5abbebea7d232af4691f1a2cf 100644 (file)
@@ -1033,10 +1033,10 @@ no_conn:
         cutthrough.delivery= FALSE;
         HDEBUG(D_acl|D_v) debug_printf("Cutthrough cancelled by presence of transport filter\n");
         }
-      if (ob->dkim.dkim_domain)
+      if (ob->dkim.dkim_domain || ob->arc_sign)
         {
         cutthrough.delivery= FALSE;
-        HDEBUG(D_acl|D_v) debug_printf("Cutthrough cancelled by presence of DKIM signing\n");
+        HDEBUG(D_acl|D_v) debug_printf("Cutthrough cancelled by presence of DKIM or ARC signing\n");
         }
       }